Sercomm RV220W User Manual

Dual-Band Wireless VPN Router
with GbE Switch
RV220W
User's Guide
Table of Contents
Dual-Band Wireless-N VPN Router Features ................................................................1
Package Contents .............................................................................................................. 3
Physical Details..................................................................................................................5
Requirements.....................................................................................................................7
Procedure...........................................................................................................................7
Configuration Program ..................................................................................................10
Setup Tab.........................................................................................................................12
Setup - Summary.............................................................................................................12
Setup - WAN Screen .......................................................................................................14
Setup - LAN Screen.........................................................................................................20
Setup - DMZ Screen........................................................................................................23
Setup - MAC Address Clone Screen..............................................................................24
Setup - Advanced Routing Screen .................................................................................25
Setup - Time Screen ........................................................................................................27
Setup - IP Mode Screen ..................................................................................................28
Wireless - Basic Settings Tab .........................................................................................29
Wireless - Security Settings............................................................................................31
Wireless - Connection Control.......................................................................................39
Wireless - Advanced Settings ......................................................................................... 41
Wireless - VLAN & QoS.................................................................................................43
Firewall Tab.....................................................................................................................45
Firewall - Basic Settings.................................................................................................. 45
Firewall - IP Based ACL................................................................................................. 47
Firewall - Internet Access Policy.................................................................................... 50
Firewall - Single Port Forwarding................................................................................. 54
Firewall - Port Range Forwarding.................................................................................56
Firewall - Port Range Triggering...................................................................................57
Security Protection - Web Protection............................................................................58
Security Protection - Email Protection.......................................................................... 61
Security Protection - License..........................................................................................62
VPN - Summary Tab.......................................................................................................64
VPN - IPSec VPN Tab ....................................................................................................66
VPN - VPN Client Accounts Tab...................................................................................71
VPN - VPN Passthrough................................................................................................. 73
QoS Tab............................................................................................................................74
QoS - Bandwidth Management......................................................................................74
QoS - QoS Setup.............................................................................................................. 76
QoS - Queue Settings.......................................................................................................77
QoS - DSCP Setup...........................................................................................................78
Administration Tab.........................................................................................................79
Administration - Management.......................................................................................79
Administration - Log.......................................................................................................81
Administration - Diagnostic ...........................................................................................83
Administration - Backup & Restore..............................................................................85
Administration - Factory Defaults.................................................................................86
Administration - Reboot.................................................................................................87
Administration - Firmware Upgrade.............................................................................88
L2 Switch - Create VLAN...............................................................................................89
L2 Switch - VLAN & Port Assignment.........................................................................90
i
L2 Switch - Radius .......................................................................................................... 91
L2 Switch - Port Setting..................................................................................................92
L2 Switch - Statistics....................................................................................................... 93
L2 Switch - Port Mirroring ............................................................................................ 94
Status - Gateway..............................................................................................................95
Status - Local Network ...................................................................................................97
Status - Wireless LAN.....................................................................................................99
Status - System Performance........................................................................................100
Dual-Band Wireless-N VPN Router............................................................................101
Copyright © 2008. All Rights Reserved. Document Version: 1.0 All trademarks and trade names are the properties of their respective owners.
ii
Chapter 1
Introduction
1
This Chapter provides an overview of the Dual-Band Wireless-N VPN Router's features and capabilities.
Congratulations on the purchase of your new Dual-Band Wireless-N VPN Router. The Dual­Band Wireless-N VPN Router is a multi-function device providing the following services:
Shared Broadband Internet Access for all LAN users.
Wireless Access Point for 802.11a, 802.11b, 802.11g and 802.11n Wireless Stations.
4-Port Switching Hub for 10BaseT, 100 or 1000BaseT connections.
Dual-Band Wireless-N VPN Router Features
The Dual-Band Wireless-N VPN Router incorporates many advanced features, carefully designed to provide sophisticated functions while being easy to use.
Internet Access Features
Shared Internet Access. All users on the LAN or WLAN can access the Internet
through the Dual-Band Wireless-N VPN Router, using only a single external IP Address. The local (invalid) IP Addresses are hidden from external sources. This process is called NAT (Network Address Translation).
DSL & Cable Modem Support. The Dual-Band Wireless-N VPN Router has a
10/100/1000BaseT Ethernet port for connecting a DSL or Cable Modem. All popular DSL and Cable Modems are supported.
PPPoE, PPTP and L2TP Support. The Internet (WAN port) connection supports
PPPoE (PPP over Ethernet), PPTP (Peer-to-Peer Tunneling Protocol) and L2TP, as well as "Direct Connection" type services.
Fixed or Dynamic IP Address. On the Internet (WAN port) connection, the Dual-
Band Wireless-N VPN Router supports both Dynamic IP Address (IP Address is allocated on connection) and Fixed IP Address.
Advanced Internet Functions
Application Level Gateways (ALGs). Applications which use non-standard connec-
tions or port numbers are normally blocked by the Firewall. The ability to define and allow such applications is provided, to enable such applications to be used normally.
Port Triggering. This feature, also called Special Applications, allows you to use
Internet applications which normally do not function when used behind a firewall.
Port Forwarding. This feature allows Internet users to access Internet servers on your
LAN. The required setup is quick and easy.
Dynamic DNS Support. DDNS, when used with the Virtual Servers feature, allows
users to connect to Servers on your LAN using a Domain Name, even if you have a dy­namic IP address which changes every time you connect.
URL Filter. Use the URL Filter to block access to undesirable Web sites by LAN users.
1
Access Control. Using the Access Control feature, you can assign LAN users to differ-
ent groups, and determine which Internet services are available to each group.
Scheduling. Both the URL Filter and Firewall rules can be scheduled to operate only at
certain times. This provides great flexibility in controlling Internet -bound traffic.
Logs. Define what data is recorded in the Logs, and optionally send log data to a Syslog
Server. Log data can also be E-mailed to you.
QoS Support Quality of Service can be used to handle packets so that more important
connections receive priority over less important one.
VPN Features
IPSec Support. IPSec is the most common protocol.
Easy Configuration. The configuration required to allow 2 Routers to establish a VPN
connection between them is easy accomplished.
Wireless Features
Standards Compliant. The Wireless Access Point complies with the IEEE802.11g and
IEEE802.11n draft 2.0 specifications for Wireless LANs.
Supports Pre-N Wireless Stations. The 802.11n Draft standard provides for backward
compatibility with the 802.11b standard, so 802.11n, 802.11a, 802.11b and 802.11g Wire­less stations can be used simultaneously. The Router supports both the 2.4GHz and
5.0GHz (802.11a) bands.
VLAN Support. The 802.1Q VLAN standard is supported, allowing traffic from differ-
ent sources to be segmented. Combined with the multiple SSID feature, this provides a powerful tool to control access to your LAN.
WEP support. Support for WEP (Wired Equivalent Privacy) is included. Key sizes of
64 Bit and 128 Bit are supported. WEP encrypts any data before transmission, providing protection against snoopers.
WPA- Personal support. Like WEP, WPA-Personal encrypts any data before transmis-
sion, providing protection against snoopers. The WPA- Personal is a later standard than WEP, and provides both easier configuration and greater security than WEP.
WPA2- Personal support. Support for WPA2 is also included. WPA2 uses the ex-
tremely secure AES encryption method.
802.1x Support. Support for 802.1x mode is included, providing for the industrial-
strength wireless security of 802.1x authentication and authorization.
Wireless MAC Access Control. The Wireless Access Control feature can check the
MAC address (hardware address) of Wireless stations to ensure that only trusted Wireless Stations can access your LAN.
Simple Configuration. If the default settings are unsuitable, they can be changed
quickly and easily.
WPS Support. WPS (Wi-Fi Protected Setup) can simplify the process of connecting any
device to the wireless network by using the push button configuration (PBC) on the Wire­less Access Point, or entering a PIN code if there's no button.
LAN Features
4-Port Switching Hub. The Dual-Band Wireless-N VPN Router incorporates a 4-port
10/100/1000BaseT switching hub, making it easy to create or extend your LAN.
2
DHCP Server Support. Dynamic Host Configuration Protocol provides a dynamic IP
address to PCs and other devices upon request. The Dual-Band Wireless-N VPN Router can act as a DHCP Server for devices on your local LAN and WLAN.
Configuration & Management
Easy Setup. Use your WEB browser from anywhere on the LAN or WLAN for configu-
ration.
Configuration File Upload/Download. Save (download) the configuration data from
the Dual-Band Wireless-N VPN Router to your PC, and restore (upload) a previously­saved configuration file to the Dual-Band Wireless-N VPN Router.
Remote Management. The Dual-Band Wireless-N VPN Router can be managed from
any PC on your LAN or Wireless LAN. And, if the Internet connection exists, it can also (optionally) be configured via the Internet.
Network Diagnostics. You can use the Dual-Band Wireless-N VPN Router to perform
a Ping or DNS lookup.
UPnP Support. UPnP (Universal Plug and Play) allows automatic discovery and con-
figuration of the Dual-Band Wireless-N VPN Router. UPnP is supported by Windows ME, XP, or later.
Security Features
Password - protected Configuration. Password protection is provided to prevent
unauthorized users from modifying the configuration data and settings.
Wireless LAN Security. WPA-PSK, WEP and Wireless access control by MAC ad-
dress are all supported. The MAC-level access control feature can be used to prevent unknown wireless stations from accessing your LAN.
NAT Protection. An intrinsic side effect of NAT (Network Address Translation) tech-
nology is that by allowing all LAN users to share a single IP address, the location and even the existence of each PC is hidden. From the external viewpoint, there is no network, only a single device - the Dual-Band Wireless-N VPN Router.
Firewall. All incoming data packets are monitored and all incoming server requests are
filtered, thus protecting your network from malicious attacks from external sources.
Protection against DoS attacks. DoS (Denial of Service) attacks can flood your
Internet connection with invalid packets and connection requests, using so much band­width and so many resources that Internet access becomes unavailable. The Dual-Band Wireless-N VPN Router incorporates protection against DoS attacks.
Package Contents
The following items should be included. If any of these items are damaged or missing, please contact your dealer immediately.
The Dual-Band Wireless-N VPN Router Unit
RJ45 (LAN) cable
Power Adapter
Warranty Card
CD-ROM containing the user manual.
3
except above RF exposure statement, for devices used at 5.15-5.25GHz should add the following  wording at their user manual.  According to RSS-210, the device is intended to operate in the frequency band of 5.15GHz to 
5.25GHz under all conditions of normal operation. Normal operation of this device is restricted to  indoor used only to reduce any potential for harmful interference to co-channel MSS operations.     
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of thefollowing measures:
-Reorient or relocate the receiving antenna.
-Increase the separation between the equipment and receiver.
-Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
-Consult the dealer or an experienced radio/TV technician for help.
You are cautioned that changes or modifications not expressly approved by the party responsi­ble for compliance could void your authority to operate the equipment.
FCC RF Radiation Exposure Statement:
1. This Transmitter must not be co-located or operating in conjunction with any other anten na or transmitter.2. This equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with a mini­mum distance of 20 centimeters between the radiator and your body.
According to FCC 15.407(e), the device is intended to operate in the frequency band of
5.15GHz to 5.25GHz under all conditions of normal operation. Normal operation of this device is restricted to indoor used only to reduce any potential for harmful interference to co­channel MSS operations.
Operation is subject to the following two conditio ns: (1 ) this d evice may not cau se interferen ce, and (2) this device must accept any interference, including interference that may cause unde­sired operation of the device.
RSS-GEN 7.1.4: User Manual for Transmitters with Detachable Antennas The user manual of transmitter devices equipped with detachable antennas shall contain the followinginformation in a con­spicuous location: This device has been designed to operate with the antennas listed below, and having a maxi­mum gain of [2.0] dB. Antennas not included in this list or having a gain greater than [2.0] dB are strictly prohibited for use with this device. The required antenna impedance is [50] ohms.
RSS-GEN 7.1.5 To reduce potential radio interference to other users, the antenna type and its gain should be so chosen that the equivalent isotropically radiated power (e.i.r.p.) is not more than that permitted for successful communication.
IC RF Radiation Exposure Statement:
1. This Transmitter must not be co-located or operating in conjunction with any other anten na or transmitter.2. This equipment complies with IC RF radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with a mini­mumdistance of 20 centimeters between the radiator and your body.
Physical Details
Front-mounted LEDs
POWER (Green)
DIAG (Red) On - System problem.
DMZ (Green) On - DMZ enabled.
On - Power on. Off - No power.
Off - Normal operation. Flashing - System rebooting or firmware upgrading.
Off - DMZ disabled.
WIRELESS (Green)
LAN (1~4)
WAN(Green) The WAN LED lights up the appropriate LED depending upon the speed
On - Wireless enabled. Off - No Wireless connections currently exist. Flashing - Data is being transmitting or receiving via the Wireless con-
nection. Each port has 3 LEDs:
10 - This will be ON if the LAN connection is using 10BaseT, and
blinking if data is being transferred via the corresponding LAN port.
100 - This will be ON if the LAN connection is using 100BaseT, and
blinking if data is being transferred via the corresponding LAN port.
1000 - This will be ON if the LAN connection is using 1000BaseT,
and blinking if data is being transferred via the corresponding LAN port.
If neither LED is on, there is no active connection on the corresponding LAN port.
of the device that is attached to the Internet port. If the Router is connected to a cable or DSL modem, typically the 10 LED will be the only LED lit up (i.e. 10Mbps). The LED Flashes during activity.
5
Rear Panel
RESET button
WAN
LAN 1-4 (10/100/1000BaseT)
POWER
The Reset button can be used in one of two ways:
If the Router is having problems connecting to the Internet,
press the Reset button for just a second with a paper clip or a pencil tip. This is similar to pressing the Reset button on your PC to reboot it.
If you are experiencing extreme problems with the Router and
have tried all other troubleshooting measures, press and hold in the Reset button for 10 seconds. This will restore the factory defaults and clear all of the Router’s settings, such as port for­warding or a new password.
Connect the DSL or Cable Modem here. If your modem came with a cable, use the supplied cable. Otherwise, use a standard LAN cable.
Use standard LAN cables (RJ45 connectors) to connect your PCs to these ports.
Connect the supplied power adapter here.
6
Chapter 2
Installation
2
This Chapter covers the physical installation of the Dual-Band Wireless-N VPN Router.
Requirements
Network cables. Use standard 10/100/1000BaseT network (UTP) cables with RJ45 con-
nectors.
TCP/IP protocol must be installed on all PCs.
For Internet Access, an Internet Access account with an ISP, and a DSL connection.
To use the Wireless Access Point, all Wireless devices must be compliant with the IEEE
802.11a, IEEE 802.11g, IEEE 802.11b or IEEE 802.11n Draft specifications.
Procedure
1. Choose an Installation Site
Select a suitable place on the network to install the Dual-Band Wireless-N VPN Router. Make sure that the Router is powered off.
For best Wireless reception and performance, the Dual-Band Wireless-N VPN Router should be positioned in a central location with minimum obstructions between the Dual-Band Wireless-N VPN Router and the PCs.
2. Connect LAN Cables
Use standard LAN cables to connect PCs to the ports on the Dual-Band Wireless-N VPN Router. 10BaseT, 100BaseT and 1000BaseT connections can be used simultaneously.
3. Connect ADSL Cable
Connect the DSL or Cable modem to the INTERNET port on the Dual-Band Wireless-N VPN Router. Use the cable supplied with your DSL/Cable modem. If no cable was sup­plied, use a standard cable.
4. Power Up
Connect the supplied power adapter to the Dual-Band Wireless-N VPN Router. Use only the power adapter provided. Using a different one may cause hardware damage.
5. Check the LEDs
The Power LED should be ON.
The LAN LED should be ON (provided the PC is also ON.)
The WIRELESS LED should be ON if Wireless PC is connected.
7
The WAN LED may be OFF. After configuration, it should come ON.
Antennas and Positions Positions
The Router can be placed in three different positions: stackable, standalone, or wall-mount.
Standalone
1. Locate the Router’s left side panel.
2. The Router includes two stands. With the two large prongs facing outward, insert the short
prongs into the little slots in the Router, and push the stand upward until it snaps into place.
Wall-mount
You will need two suitable screws to mount the Router. Make sure the screw size can fit into the crisscross wall-mount slots.
1. On the Wireless Router’s back panel are two crisscross wall-mount slots.
2. Determine where you want to mount the Wireless Router, and install two screws that are
2-9/16 in (64.5mm) apart.
3. Line up the Wireless Router so that the wall-mount slots line up with the two screws.
4. Place the wall-mount slots over the screws and slide the Wireless Router down until the
screws fit snugly into the wall-mount slots.
8
Chapter 3
Setup
3
This Chapter provides Setup details of the Dual-Band Wireless-N VPN Router.
Configuration Program
The Dual-Band Wireless-N VPN Router contains an HTTP server. This enables you to connect to it, and configure it, using your Web Browser. Your Browser must support JavaScript.
The configuration program has been tested on the following browsers:
Netscape 7.1 or later
Mozilla 1.6 or later
Internet Explorer V5.5 or later
Preparation
Before attempting to configure the Dual-Band Wireless-N VPN Router, please ensure that:
Your PC can establish a physical connection to the Dual-Band Wireless-N VPN Router.
The PC and the Dual-Band Wireless-N VPN Router must be directly connected (using the Hub ports on the Dual-Band Wireless-N VPN Router) or on the same LAN segment.
The Dual-Band Wireless-N VPN Router must be installed and powered ON.
If the Dual-Band Wireless-N VPN Router's default IP Address (192.168.1.1) is already
used by another device, the other device must be turned OFF until the Dual-Band Wire­less-N VPN Router is allocated a new IP Address during configuration.
Using your Web Browser
To establish a connection from your PC to the Dual-Band Wireless-N VPN Router:
1. After installing the Dual-Band Wireless-N VPN Router in your LAN, start your PC. If
your PC is already running, restart it.
2. Start your WEB browser.
3. In the Address box, enter "HTTP://" and the IP Address of the Dual-Band Wireless-N
VPN Router, as in this example, which uses the Dual-Band Wireless-N VPN Router's de­fault IP Address:
HTTP://192.168.1.1
4. When prompted for the User name and Password, enter values as follows:
User name admin
Password admin
10
If you can't connect
Figure 1: Login Screen
If the Dual-Band Wireless-N VPN Router does not respond, check the following:
The Dual-Band Wireless-N VPN Router is properly installed, LAN connection
is OK, and it is powered ON. You can test the connection by using the "Ping" command:
Open the MS-DOS window or command prompt window.
Enter the command:
ping 192.168.1.1 If no response is received, either the connection is not working, or your PC's IP address is not compatible with the Dual-Band Wireless-N VPN Router's IP Address. (See next item.)
If your PC is using a fixed IP Address, its IP Address must be within the range
192.168.1.2 to 192.168.1.254 to be compatible with the Dual-Band Wireless-N VPN Router's default IP Address of 192.168.1.1. Also, the Network Mask must be set to 255.255.255.0. See Chapter 4 - PC Configuration for details on checking your PC's TCP/IP settings.
Ensure that your PC and the Dual-Band Wireless-N VPN Router are on the
same network segment. (If you don't have a router, this must be the case.)
Ensure you are using the wired LAN interface. The Wireless interface can only
be used if its configuration matches your PC's wireless settings.
11
Setup Tab
The Setup screen contains all of the Router’s basic setup functions. The Router can be used in most network settings without changing any of the default values. Some users may need to enter additional information in order to connect to the Internet through an ISP (Internet Service Provider) or broadband (DSL, cable modem) carrier.
Setup - Summary
The first screen that appears is the System Summary screen, which displays the Router’s current status and settings. This information is read-only. Underlined text is hyperlinked to related setup pages, so if you click a hyperlink, the related setup screen will appear. On the right-hand side of this screen and all other screens of the utility is a lin k to the Site Map, which has links to all of the utility’s tabs.
Figure 2: Summary Screen
12
Data - Summary Screen
System Information
Firmware Ver-
It displays the current firmware version installed on this Router.
sion CPU
Displayed here are the type and speed of the processor installed on the Router.
System Up Time
This is the length of time in days, hours, and minutes that the Router has been active. The current time and date are also displayed.
DRAM
Displayed here is the size of DRAM installed on the Router’s mother­board.
FLASH
Displayed here is the size of flash memory installed on the Router’s board.
Port Statistics
Port Statistics This section displays the following color-coded status information on
the Router’s Ethernet ports:
Green - Indicates that the port has a connection.
Black - Indicates that the port has no connection.
Networking Setting Status
LAN IP WAN IP
Displays the IP address of the Router’s LAN interface. Displays the IP address of the Router’s WAN interface. If this address
was assigned using DHCP, click DHCP Release to release the address, or click DHCP Renew to renew the address.
Mode Gateway
Displays the operating mode, Gateway or Router. Displays the Gateway address, which is the IP address of your ISP’s
server.
DNS 1-2
The IP addresses of the Domain Name System (DNS) server(s) that the Router is using.
DDNS
Indicates whether the Dynamic Domain Name System (DDNS) feature is enabled.
DMZ
Indicates whether the DMZ Hosting feature is enabled.
Firewall Setting Status
DOS (Denial of Service)
Block WAN
Indicates whether the DoS Protection feature is enabled to block DoS attacks.
Indicates whether the Block WAN Request feature is enabled.
Request Remote Man-
Indicates whether the Remote Management feature is enabled.
agement
VPN Setting Status
Tunnel(s) Used Tunnel(s) Avail-
Displays the number of VPN tunnels currently being used. Displays the number of VPN tunnels that are available.
able
13
Setup - WAN Screen
DHCP
By default, the Router’s Configuration Type is set to Automatic Configuration - DHCP, and it should be kept only if your ISP supports DHCP or you are connecting through a dynamic IP address.
Optional Settings
Host Name Domain
Name MTU
DDNS Service
Enter a host name for the Router. Enter a domain name for the Router.
This setting specifies the largest packet size permitted for network transmis­sion. In most cases, keep the default, Auto. To specify the MTU, select Manual, and then enter the value in the Size field.
Select the desired option from the list.
Disabled - If selected, no DDNS service will be used.
DynDNS
TZO
Figure 3: DHCP Screen
User Name, Password, Host Name - Enter the User Name, Pass-
word, and Host Name of the account you set up with DynDNS.org.
Custom DNS - Enable the checkbox if you want to use this fea-
ture.
Status - The status of the DDNS service connection is displayed
here.
E-mail Address, TZO Password, Domain Name - Enter the E-
mail Address, Password, and Domain Name of the account you set
14
up with TZO.
Status - The status of the TZO service connection is displayed
here.
Connect Button
When DDNS is enabled, the Connect button is displayed. Use this button to manually update your IP address information on the DDNS server. The Status area on this screen also updates.
Static IP
If you are required to use a permanent IP address, select Static IP.
Static IP Settings
Internet IP Address
Subnet Mask Default
Gateway Primary DNS
Secondary DNS
Figure 4: Static IP
This is the Router’s IP address on the WAN port that can be reached from the Internet.
Enter the Subnet mask to match the IP address above. Your ISP will provide you with the Default Gateway (Router) to reach the
Internet. Your ISP will provide you with at least one DNS (Domain Name System)
Server IP Address to resolve host name to IP address mapping. The secondary DNS will only be used if the primary DNS is not available.
15
PPPoE
Most DSL-based ISPs use PPPoE (Point-to-Point Protocol over Ethernet) to establish Internet connections. If you are connected to the Internet through a DSL line, check with your ISP to see if they use PPPoE. If they do, you will have to enable PPPoE.
PPPoE Settings
Username Password Connect on
Demand
Keep Alive
Figure 5: PPPoE
Enter the User Name provided by your ISP for PPPoE authentication. Enter the Password by your ISP for PPPoE authentication. You can configure the Router to cut the Internet connection after it has
been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the Connect on Demand option and enter the number of minutes you want to have elapsed before your Internet connec­tion terminates in the Max Idle Time field. Use this option to minimize your DSL connection time if it is charged based on time.
This option allows the Router will periodically check your Internet co n­nection. If you are disconnected, then the Router will automatically re­establish your connection. To use this option, click the option next to Keep Alive. In the Redial Period field, you specify how often you want the Router to check the Internet connection. This option is enabled by default and the default Redial Period is 30 seconds. Use this option to minimize your Internet connection response time since it will always be connected.
16
PPTP
Point-to-Point Tunneling Protocol (PPTP) is a service that applies to connections in Europe and Israel only.
PPTP Settings
IP Address
Subnet Mask
Default Gateway
PPTP Server Username Password Connect on
Demand
Figure 6: PPTP
This is the Router’s IP address, when seen from the WAN, or the Internet. Your ISP will provide you with the IP Address you need to specify here.
This is the Router’s Subnet Mask. Your ISP will provide you the Subnet Mask and your IP address.
Your ISP will provide you with the Default Gateway IP Address.
Enter the IP address of the PPTP server. Enter the User Name provided by your ISP. Enter the Password provided by your ISP. You can configure the Router to cut the Internet connection after it has
been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the Connect on Demand option and enter the number of minutes you want to have elapsed before your Internet connec-
17
tion terminates in the Max Idle Time field. Use this option to minimize your DSL connection time if it is charged based on time.
Keep Alive
This option allows the Router will periodically check your Internet co n­nection. If you are disconnected, then the Router will automatically re­establish your connection. To use this option, click the option next to Keep Alive. In the Redial Period field, you specify how often you want the Router to check the Internet connection. This option is enabled by default and the default Redial Period is 30 seconds. Use this option to minimize your Internet connection response time since it will always be connected.
L2TP
Layer 2 Tunneling Protocol (L2TP) is a service that tunnels Point-to-Point Protocol (PPP) across the Internet. It is used mostly in European countries. Check with your ISP for the necessary setup information.
L2tp Settings
IP Address
Subnet Mask
Gateway
Figure 7: L2TP
This is the Router’s IP address, when seen from the WAN, or the Internet. Your ISP will provide you with the IP Address you need to specify here.
This is the Router’s Subnet Mask. Your ISP will provide you the Subnet Mask and your IP address.
Your ISP will provide you with the Default Gateway IP Address.
18
L2TP Server Username Password Connect on
Demand
Keep Alive
Enter the IP address of the L2TP server Enter the User Name provided by your ISP. Enter the Password provided by your ISP. You can configure the Router to cut the Internet connection after it has
been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Router to automatically re-establish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the Connect on Demand option and enter the number of minutes you want to have elapsed before your Internet connec­tion terminates in the Max Idle Time field. Use this option to minimize your DSL connection time if it is charged based on time.
This option allows the Router will periodically check your Internet co n­nection. If you are disconnected, then the Router will automatically re­establish your connection. To use this option, click the option next to Keep Alive. In the Redial Period field, you specify how often you want the Router to check the Internet connection. This option is enabled by default and the default Redial Period is 30 seconds. Use this option to minimize your Internet connection response time since it will always be connected.
19
Setup - LAN Screen
The LAN Setup section allows you to change the Router’s local network settings for the four Ethernet ports.
Data - LAN Screen
IPv4
Local IP Address
Enter the IPv4 address on the LAN side. The default value is
192.168.1.1.
Figure 8: LAN Screen
20
Subnet Mask
Select the subnet mask from the drop-down menu. The default value is
255.255.255.0.
Server Settings (DHCP)
DHCP Server
DHCP is enabled by default. If you already have a DHCP server on your network, or you don't want a DHCP server, then select Disabled (no other DHCP features will be available). If you already have a DHCP server on your network, and you want the Router to act as a Relay for that DHCP Server, select DHCP Relay, then enter the
DHCP Server IP Address.
Starting IP Address
Enter a value for the DHCP server to start with when issuing IP ad­dresses. This value will automatically follow your local IP address settings. Normally, you assign the first IP address for the Router (e.g.
192.168.1.1) so that you can assign an IP address to other devices starting from the 2nd IP address (e.g. 192.168.1.2). The last address in the subnet is for subnet broadcast (e.g. 192.168.1.255) so that the address cannot be assigned to any host.
Maximum Number of DHCP Users
Enter the maximum number of PCs that you want the DHCP server to assign IP addresses to. This number cannot be greater than the avail­able host addresses in the subnet (e.g. 253 for /24 subnet). In order to determine the DHCP IP Address range, add the starting IP address (e.g., 100) to the number of DHCP users.
Client Lease Time
This is the amount of time a DHCP client can keep the assigned IP address before it sends a renewal request to the DHCP server. The default value is 0, which actually means one day.
Static DNS (1~3) WINS
Static IP Mapping
Static IP Ad­dress
MAC Address Host Name Add, Modify,
Remove buttons
IPv6
IPv6 Prefix IPv6 Postfix Prefix Length
Router Advise­ment
If applicable, enter the IP address(es) of your DNS server(s). Windows Internet Naming Service (WINS) is a service that resolves
NetBIOS names to IP addresses. WINS is assigned if the computer (DHCP client) requests one. Enter the IP address of the WINS server.
Enter the static IP address.
Enter the MAC address of the device. Enter a descriptive name for the device. Click Add, and configure as many entries as you would like, up to a
maximum of 100. To delete an entry, select it and click Remove. Select the desired entry and click the Modify to change the settings.
Enter the IPv6 prefix. Enter the IPv6 postfix. Enter the IPv6 prefix length. The default is 64, which should not need
to be changed. Enabling this option allows the Router to send out IPv6 Router Adver-
tisement packets periodically. This helps IPv6 hosts to learn their IPv6 prefix and setup their IPv6 Address automatically.
21
DHCPv6
DHCPv6 Lease Time
DHCP address range start
DHCP address range end
Primary DNS
Secondary DNS
Enabled or Disabled as required. Enter the desired value. The default is 0, which actually means one
day. Enter the start IP address of the DHCP range.
Enter the end IP address of the DHCP range.
Your ISP will provide you with at least one DNS (Domain Name System) Server IP Address to resolve host name to IP address map­ping.
The secondary DNS will only be used if the primary DNS is not available.
22
Setup - DMZ Screen
The DMZ screen allows one local PC to be exposed to the Internet for use of a special-purpose service, such as Internet gaming and video-conferencing. DMZ hosting forwards traffic to all the ports for the specified PC simultaneously, unlike Port Range Forwarding that can only forward a maximum of 10 ranges of ports.
Data - DMZ Screen
DMZ
DMZ Hosting
DMZ Host IP Address
This feature allows one local PC to be exposed to the Internet for use of a special-purpose service such as Internet gaming and video­conferencing. To use this feature, select Enable. To disable the DMZ feature, select Disable.
To expose one PC, enter the computer’s IP address.
Figure 9: DMZ Screen
23
Setup - MAC Address Clone Screen
Some ISPs require that you register a MAC address. This feature clones your PC network adapter's MAC address onto the Router, and prevents you from having to call your ISP to change the registered MAC address to the Router's MAC address. The Router's MAC address is a 6-byte hexadecimal number assigned to a unique piece of hardware for identification.
Figure 10: MAC Address Clone Screen
Data - MAC Address Clone Screen
MAC Address Clone
MAC Address Clone
MAC Address Clone My PC’s
MAC
Select Enabled or Disabled.
Enter the MAC Address registered with your ISP in this field. When Mac Address Clone is enabled, click this to cop y th e MAC
address of the network adapter in the computer that you are using to connect to the Web-based utility.
24
Setup - Advanced Routing Screen
Figure 11: Advanced Routing Screen
Data - Advanced Routing Screen
Operating Mode
Operating Mode
Dynamic Routing
RIP
RIP Send Packet Version
RIP Recv Packet Version
Gateway - This is the normal mode of operation. This allows all
devices on your LAN to share the same WAN (Internet) IP ad­dress. In the Gateway mode, the NAT (Network Address Translation) mechanism is enabled.
Router - You either need another Router to act as the Gateway, or
all PCs on your LAN must be assigned (fixed) Internet IP ad­dresses. In Router mode, the NAT mechanism is disabled.
The Router, using the RIP protocol, calculates the most efficient route for the network’s data packets to travel between the source and the destination based upon the shortest paths.
Choose the version of RIP packets you want to send to peers: RIPv1 or RIPv2. This should match the version supported by other Routers on your LAN.
Choose the version of RIP packets you want to receive from peers: RIPv1 or RIPv2. This should match the version supported by other Routers on your LAN.
25
Static Routing
Select Set Number
Sometimes you will prefer to use static routes to build your routing table instead of using dynamic routing protocols. Static routes do not require CPU resources to exchange routing information with a peer router. You can also use static routes to reach peer routers that do not support dynamic routing protocols. Static routes can be used together with dynamic routes. Be careful not to introduce routing loops in your network.
To set up static routing, you should add route entries in the routing table that tell the Router where to forward packets to specific IP destinations.
Enter the following data to create a static route entry:
1. Select Set Number. Select the set number (routing table entry
number) that you wish to view or configure. If necessary, click Delete This Entry to clear the entry.
2. Destination IP Address. Enter the network address of the remote
LAN segment. For a standard Class C IP domain, the network ad­dress is the first three fields of the Destination LAN IP, while the last field should be zero.
3. Subnet Mask. Enter the Subnet Mask used on the destination
LAN IP domain. For Class C IP domains, the Subnet Mask is
255.255.255.0.
4. Gateway. If this Router is used to connect your network to the
Internet, then your gateway IP is the Router’s IP Address. If you have another router handling your network’s Internet connection, enter the IP Address of that router instead.
Inter-VLAN Routing
Inter-VLAN Routing
5. Hop Count. This value gives the number of routers that a data
packet passes through before reaching its destination. It is used to define the priority on which route to use if there is a conflict b e­tween a static route and dynamic route.
Show Routing Table button. Click this button to show the routing table established either through dynamic or static routing methods.
Select Enable to allow packets to be routed between VLANs that are in different subnets. The default is Enable.
Figure 12: Routing Table
26
Setup - Time Screen
You can either define your Router’s time manually or automatically through Time Server.
Data - Time Screen
Time
Time
Time Zone Auto Daylight
Saving
User-defined NTPServer
NTP Serve IP
Set the local time Manually - If you wish to enter the time and
Set the local time using Network Time Protocol (NTP) Auto-
Select the time zone for your location. To use the daylight saving feature, select Enabled. Enter the Month
and Day of the start date, and then enter the Month and Day of the end date.
If you want to use your own NTP server, select the Enabled option. The default is Disabled.
Enter the IP address of your own NTP server.
Figure 13: Time Screen
date manually, enter the Day, Month, Year, Hour, Minute, and Second in the Time field using 24 hour format (example 10:00pm
would be entered 22:0:0).
matically - Select the time zone for your location and your setting synchronizes over the Internet with public NTP (Network Time Protocol) Servers.
27
Setup - IP Mode Screen
You can either define your Router’s time manually or automatically through Time Server.
Figure 14: IP Mode Screen
Data - IP Mode Screen
IP Mode
IPv4 Only Dual-Stack IP
6 to 4 Gateway Access Control
This option utilizes IPv4 on the Internet and local networ k. This option utilizes IPv4 over the Internet and IPV4 and IPv6 on the
local network. Then select how the IPv6 hosts will connect to the Internet:
NAPT-PT - This allows an IPv6-only host on your LAN to
connect to IPv4-only hosts on the WAN using address translation and protocol-translation (per RFC2766).
6-4 Tunnel - This allows your IPv6 network to connect to other
IPv6 networks via tunnels through IPv4 (per RFC3056). The re­mote router also needs to support 6to4.
Select the desired option to match your needs. Enter the related data in the following fields if required.
Disabled
Permit following sites: Enter the IP addresses that you want to
permit in the following section.
Block following sites: Enter the IP addresses that you want to
block in the following section.
28
Loading...
+ 75 hidden pages